Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2024-9394
HistoryOct 01, 2024 - 4:15 p.m.

CVE-2024-9394

2024-10-0116:15:10
[email protected]
web.nvd.nist.gov
1
firefox
thunderbird
cve
2024
9394
javascript
multipart
response
origin
access
cross-origin
vulnerability
site isolation
android
versions
JSON

An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://devtools origin. This could allow them to access cross-origin JSON content. This access is limited to “same site” documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.

Related

cve 1
debiancve 1
alpinelinux 1
cvelist 1
vulnrichment 1
nessus 6
mozilla 5
cve
cve
CVE-2024-9394
2024-10-01 16:15:10
debiancve
debiancve
CVE-2024-9394
2024-10-01 16:15:10
alpinelinux
alpinelinux
CVE-2024-9394
2024-10-01 16:15:10
cvelist
cvelist
CVE-2024-9394
2024-10-01 15:13:19
vulnrichment
vulnrichment
CVE-2024-9394
2024-10-01 15:13:19
nessus
nessus
Mozilla Firefox ESR < 115.16
2024-10-01 00:00:00
Mozilla Firefox ESR < 115.16
2024-10-01 00:00:00
Mozilla Firefox ESR < 128.3
2024-10-01 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.16 — Mozilla
2024-10-01 00:00:00
Security Vulnerabilities fixed in Thunderbird 128.3 — Mozilla
2024-10-01 00:00:00
Security Vulnerabilities fixed in Thunderbird 131 — Mozilla
2024-10-01 00:00:00
JSON
Related for NVD:CVE-2024-9394
cve1debiancve1alpinelinux1cvelist1vulnrichment1nessus6mozilla5